<?php
	include "globals.php";
	
//Coded by Jonathan Gorard, 2012
//Part of The Matrix Unplugged, All Rights Reserved
   
	if($ir['mailban']){
		die("<font color=red><h3>! ERROR</h3>
You have been mail banned for {$ir['mailban']}

	 days.<br />
<br />
<b>Reason: {$ir['mb_reason']}

</font></b>");
}

$_GET['ID'] = abs((int) $_GET['ID']);
print "<table width=85% class='table' cellspacing='1'><tr><td><a href='mailbox.php?action=inbox'>Inbox</a></td> <td><a href='mailbox.php?action=outbox'>Sent Messages</a></td> <td><a href='mailbox.php?action=compose'>Compose Message</a></td> <td><a href='mailbox.php?action=delall'>Delete All Messages</a></td> <td><a href='mailbox.php?action=archive'>Archive Messages</a></td><td><a href='contactlist.php'>My Contacts</a></td></tr> </table><br />";
switch($_GET['action']){
	case 'inbox':
		mail_inbox();
		break;
	case 'outbox':
		mail_outbox();
		break;
	case 'compose':
		mail_compose();
		break;
	case 'delete':
		mail_delete();
		break;
	case 'send':
		mail_send();
		break;
	case 'delall':
		mail_delall();
		break;
	case 'delall2':
		mail_delall2();
		break;
	case 'archive':
		mail_archive();
		break;
	default:
		mail_inbox();
		break;
}


function mail_inbox(){
	global $db,$ir,$c,$userid,$h;
	print <<<OUT
Only the last 25 messages sent to you are visible.<br />
<table width=75% class="table" border="0" cellspacing="1">
<tr>
<td class="h" width="30%">From</td>
<td class="h" width="70%">Subject/Message</td>
</tr>
OUT;
	$q=$db->query("SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_from=u.userid WHERE m.mail_to=$userid ORDER BY mail_time DESC LIMIT 25");
	while($r=$db->fetch_row($q)){
		$sent=date('F j, Y, g:i:s a',$r['mail_time']);
		print "<tr><td>";
		
		if($r['userid']){
			print "<a href='viewuser.php?u={$r['userid']}

		'>{$r['username']}

	</a> [{$r['userid']}

]";
} else{
	print "SYSTEM";
}

$fm=urlencode($r['mail_text']);
print <<<EOF
</td>
<td>{$r['mail_subject']}

</td>
</tr>
<tr>
<td>Sent at: {$sent}

<br /><a href='mailbox.php?action=compose&ID={$r['userid']}

'>Reply</a>
<br />
<a href='mailbox.php?action=delete&ID={$r['mail_id']}

'>Delete</a>
<br />
<a href='preport.php?ID={$r['userid']}

&amp;report=Fradulent mail: {$fm}

'>Report</a>
</td>
<td>{$r['mail_text']}

</td>
</tr>
EOF;
}


if($ir['new_mail'] > 0){
	$db->query("UPDATE mail SET mail_read=1 WHERE mail_to=$userid");
	$db->query("UPDATE users SET new_mail=0 WHERE userid=$userid");
}

echo '</table>';
}


function mail_outbox(){
	global $db,$ir,$c,$userid,$h;
	print "Only the last 25 messages you have sent are visible.<br />
<table width=75% cellspacing=1 class='table'><tr style='background:gray'><th>To</th><th>Subject/Message</th></tr>";
	$q=$db->query("SELECT m.*,u.* FROM mail m LEFT JOIN users u ON m.mail_to=u.userid WHERE m.mail_from=$userid ORDER BY mail_time DESC LIMIT 25");
	while($r=$db->fetch_row($q)){
		$sent=date('F j, Y, g:i:s a',$r['mail_time']);
		print "<tr><td><a href='viewuser.php?u={$r['userid']}

	'>{$r['username']}

</a> [{$r['userid']}

]</td><td>{$r['mail_subject']}

</td></tr><tr><td>Sent at: $sent<br /></td><td>{$r['mail_text']}

</td></tr>";
}

}


function mail_compose(){
	global $db,$ir,$c,$userid,$h;
	print "<form action='mailbox.php?action=send' method='post'>
<table width=75% cellspacing=1 class='table'> <tr>
<td>Contact to send to:</td> <td>";
	$q=$db->query("SELECT c.*, u.username FROM contactlist c LEFT JOIN users u ON c.cl_ADDED=u.userid WHERE c.cl_ADDER={$userid}

 ORDER BY u.username ASC");

if($db->num_rows($q) == 0){
	print "You have no contacts!";
} else{
	print "<select name='user1' type='dropdown'><option value=''>&lt;select a contact...&gt;</option>";
	while($r=$db->fetch_row($q))  {
		print "<option value='{$r['username']}

	'>{$r['username']}

</option>";
}

print "</select>";
}


if($_GET['ID']){
	$user=$db->fetch_single($db->query("SELECT username FROM users WHERE userid={$_GET['ID']}

"));
}

print "</td></tr><tr>
<td><b>OR</b> Enter a username to send to:</td><td><input type='text' name='user2' value='{$user}

' /></td></tr><tr>
<td>Subject:</td> <td><input type='text' name='subject' /></td></tr><tr>
<td>Message:</td>
<td><textarea rows=5 cols=40 name='message'></textarea></td></tr><tr> <td colspan=2><input type='submit' value='Send' /></td></tr></table></form>";

if($_GET['ID']){
	print "<br /><table width=75% border=2><tr><td colspan=2><b>Your last 5 mails to/from this person:</b></td></tr>";
	$q=$db->query("SELECT m.*,u1.username as sender from mail m left join users u1 on m.mail_from=u1.userid WHERE (m.mail_from=$userid AND m.mail_to={$_GET['ID']}

) OR (m.mail_to=$userid AND m.mail_from={$_GET['ID']}

) ORDER BY m.mail_time DESC LIMIT 5");
while($r=$db->fetch_row($q)){
	$sent=date('F j, Y, g:i:s a',$r['mail_time']);
	print "<tr><td>$sent</td> <td><b>{$r['sender']}

 wrote:</b> {$r['mail_text']}

</td></tr>";
}

print "</table>";
}

}


function mail_send(){
	global $db,$ir,$c,$userid,$h;
	$subj=str_replace(array("\n"),array("<br />"),strip_tags($_POST['subject']));
	$msg=str_replace(array("\n"),array("<br />"),strip_tags($_POST['message']));
	
	if($_POST['user1'] && $_POST['user2']){
		die("Please do not select a contact AND enter a username, only do one.<br />
<a href='mailbox.php'>&gt; Back</a>");
	}

	
	if(!$_POST['user1'] && !$_POST['user2']){
		die("You must select a contact or enter a username.<br />
<a href='mailbox.php'>&gt; Back</a>");
	}

	$sendto=($_POST['user1']) ? $_POST['user1'] :
	$_POST['user2'];
	$q=$db->query("SELECT userid FROM users WHERE username='{$sendto}

'");

if($db->num_rows($q)==0){
	die("You cannot send mail to nonexistant users.<br />
<a href='mailbox.php'>&gt; Back</a>");
}

$to=$db->fetch_single($q);
$db->query("INSERT INTO mail VALUES ('',0,$userid,$to,unix_timestamp(),'$subj','$msg')");
$db->query("UPDATE users SET new_mail=new_mail+1 WHERE userid={$to}

");
print "Message sent.<br />
<a href='mailbox.php'>&gt; Back</a>";
}


function mail_delete(){
	global $db,$ir,$c,$userid,$h;
	$db->query("DELETE FROM mail WHERE mail_id={$_GET['ID']}

 AND mail_to=$userid");
print "Message deleted.<br />
<a href='mailbox.php'>&gt; Back</a>";
}


function mail_delall(){
	global $ir,$c,$userid,$h;
	print "This will delete all the messages in your inbox.<br />
There is <b>NO</b> undo, so be sure.<br />
<a href='mailbox.php?action=delall2'>&gt; Yes, delete all messages</a><br />
<a href='mailbox.php'>&gt; No, go back</a>";
}


function mail_delall2(){
	global $db,$ir,$c,$userid,$h;
	$db->query("DELETE FROM mail WHERE mail_to=$userid");
	print "All ".$db->affected_rows()." mails in your inbox were deleted.<br />
<a href='mailbox.php'>&gt; Back</a>";
}


function mail_archive(){
	global $ir,$c,$userid,$h;
	print "This tool will download an archive of all your messages.<br />
<a href='dlarchive.php?a=inbox'>&gt; Download Inbox</a><br />
<a href='dlarchive.php?a=outbox'>&gt; Download Outbox</a>";
}

$h->endpage();
?>
